This episode features discussion on hacks at 23andMe, Microsoft, the Canadian government, and on the FBI's warning on the cyber threat from China

This episode reports on US government action on vulnerable Ivanti gateways and more

This episode reports on ransomware news, a survey of infosec pros in the financial sector and more

This episode reports on the need for every organization to have contact information on security issues, and more

This episode features a discussion on a hack at Microsoft, the recommendations of the Network Resilience Coalition, a report on AI and cyber threats and more

This episode reports on an investigation into why US federal IT staff pushed for the purchase of forbidden video cameras, record data breach numbers last year in the US, and more

This episode reports on ransomware attacks on a North American firm that manages water utilities ,and more

This episode reports on ransomware attacks, an undetected attack on a VMware hole and more

This episode features a discussion on cryptocurrency scammers hacking X accounts, the arrest of a Ukrainian man for using hacked cloud accounts to create 1 million virtual servers for mining cryptocurrency and how an accounting firm employee fell for a phishing email pretending to be from the CEO led to a data breach

This episode reports on firmware updates from hardware manufacturers that IT admins should be watching for, a phishing warning to Middle Eastern expets and more

This epsiode reports on the latest security updates for a range of products

This episode covers reports with warnings to application developers from Recorded Future and Gitlab; how an accounting company was victimized by a phishing message, and more

This episode features a discussion about the state of cybersecurity jobs 

This episode reports on scams aimed at employees, a report on the Medusa ransomware group, the latest on the number of data breach victims and more

This episode reports on a hole found in Bosch industrial torque wrenches, attacks on Microsoft SQL servers, and more

This episode reports on basic cybersecurity oversights that led to the hacking of a teclo, the increased number of victims of a US law firm hack, a data breach at a Canadian provider of midwives and more

Russian hackers were inside the biggest Ukrainian telecom provider for at least seven months before knocking it offline last month. This and other news are in the podcast

This episode reports on Canadian and American privacy bills before legislatures, ransomware news and more

Don't have a cybersecurity strategic plan? Here's how to start building one

This episode reports on the latest ransomware and vulnerability numbers for 2023

This episode features a discussion about the biggest cybersecurity stories of 2023, and predictions for 2024

This episode reports on a warning of a vulnerability in the SSH protocol, the latest multi-million person data breaches and more

This episode reports on the new SEC cyber attack rules that come into effect today, guidance from the NSA on creating a software bill of rights, and more

This epsiode features discussion on how much responsibility governments should shoulder to fight ransomware, why North Korea's Lazarus group is still exploiting the two-year old Log4j vulnerability and the latest on insider attacks

This episode reports on the growth of the KV-botnet, the discovery of another unprotected database on the internet, and more

This episode reports on a new phishing scam aimed at job recruiters, and more

This episode reports on a US hospital chain notifying 2.5 million patients and employees about data stolen in a ransomware attack, and more

This episode features discussion on cyber attacks against OT networks, the discovery of exposed servers with medical images and  why outdated Microsoft Exchange servers are still alive

This episode reports on how hackers break into AWS cloud instances, fake anti-Ukraine online ads  using photos of celebrities, and more

This episode reports on abuse of Go language repositories, unpatched Outlook servers targeted by Russian group, and more

This episode  reports on a campaign against critical infrastructure using PLCs, a vulnerability in PCs, and more

This episode features a discussion on ransomware, the latest explanation from Okta of a support hack and a survey of infosec pros whose firms were hacked

This episode reports on how a hotel allowed its reservation system to be abused by a crook, US hits at a cyrptocurrency mixer used by North Korea, and more

This episode reports on a company hit twice by a ransomware gang, the arrest in Ukraine of the alleged head of a ransomware gang, and more

This episode reports on the latest ransomware attacks, and details of how a gang that scams people selling used products online works

This episode features discussion on Australia's decision to not make ransomware payments illegal, huge hacks of third-party service suppliers in Canada and the U.S. and whether email and smartphone service providers are doing enough to protect customers

This episode reports on the increasing number of vulnerable Kubernetes containers online, the latest acknowledged data breaches, a browser scam aimed at Macs, and more

This episode reports on unpatched holes that are being exploited by threat actors, and more

This episode reports on ransomware attacks and 1.6 million more victims of MOVEit hacks

This episode features a discussion on lessons learned from a huge cyber attack in Denmark, and more

This episode reports on claims by a threat actor that they used a former employee's still active credentials for a data theft, and more

This episode reports on the latest ransomware news, why a sophisticated attack on Denmark's critical infrastructure providers was so effective, and more

This episode reports on a cyber attack on the operator of ports in Australia, the hack of a reporter's Experian account, the latest data breaches, and more

This episode features discussion on Okta explanation of a hack, Cloudflare's explanation of a power outage and more

This episode reports on a sophisticated OT and IT attack on Ukraine by Russia's Sandworm gang, how failing to patch a firewall fast led to a regulatory fine and more 

This episode reports on a university investigation into data brokers, new malware and how hackers could have gotten into medical software

This episode reports on the cause of a recent hack at Okta, personal data stolen from the emaill of employees at a fast food chain, a proxy botnet found and more

This episode features a discussion on changes laid by the SEC against SolarWinds, the latest meeting of the International Counter Ransomware Initiative, cyber attacks on libraries and the departure of CEO John Chen from BlackBerry.

This episode reports on threat actors going after holes in Apache ActiveMQ and Airflow, as well as Citrix NetScaler Gateway appliances

This episode reports on a huge haul of US government workers email addresses stolen in a MOVEit hack, malware in the NuGet open source code respository and more

This episode reports on the results of the latest Toronto edition of Pwn2Own contest, hacks at a US hospital, an e-commerce processor and more MOVEit victims

This episode features a discussion on the recent Okta hack, an attack on a Canadian shared services provider to five Canadian hospitals, the SecTOR conference and more.

This episode reports on a data-stealing gang that's added ransomware to its arsenal, a new UK law forcing social media platforms to police harmful content and more

This episode reports on a security update warning from VMware, the discovery of a new ransomware strain and more

This episode reports on the latest security updates from Cisco, SolarWinds and Siemens, and tricks hackers use to pass on to employees in awareness training

It's early but already experts are making cybersecurity predictions for 2024. We take a look at four of them

This episode reports on what could be a fatal mistake for a ransomware gang

This episode reports on another warning to patch Confluence servers and a WordPress plugin, an advanced threat actor leveraging Discord, and more

This episode reports on Equifax UK fined US$13 million, Microsoft paying for finding AI vulnerabilities and more

This episode features discussion on a possible SEC investigation of the MOVEit hacks, the theft of data from 23andMe, the Top 10 cybersecurity misconfigurations, and more

Hackers are trying to exploit unpatched Atlassian Confluence servers and Progress Software WS_FTP file transfer software, and more

This episode reports on the latest security updates for a wide variety of applications

This episode reports on more MOVEit hack news, a US settlement in the Blackbaud ransomware attack and more

This episode features a discussion on how to create an effective cybersecurity awareness program

This episode reports on a malware gang that wasn't completely taken out by police, a warning to admins overseeing Confluence servers and more

This episode reports on phishing email messages leveraging a hold in the Indeed job platform, warnings on poor firmware patching and on internet-connected ICS systems

For October Cyber Security Awareness Month this episode offers tips on how to build an effective awareness program

This episode features discussion on October Security Awareness Month, ransomware, teenage hackers and the start of hearings into proposed Canadian privacy and AI laws

This episode reports on a China-based group that specializes in hacking branch office routers of major companies

This episode reports on phishing campaigns against the hospitality sector, a new ransomware operator and more

This episode reports on a retaliation threat against Canadian websites, the impact of the Dallas ransomware attack, and more

This episode features discussion about the MGM Resorts ransomware attack, and on recent DDoS attacks against Canadian websites

This podcast reports on the latest number of MOVEit victims, new ransomware numbers and more

This episode reports on the possiblity that thousands of internet-facing Juniper SRX firewalls and EX switches may be at risk from a new way to exploit a recently discovered vulnerability, and more

This episode reports on a sophisticated scam, and lessons that can be taught for security awareness training

This episode features discussion on Microsoft's explanation of how the hack of one of its software developers led to one of the most amazing breaches of email security, a ransomware report from the U.K., a Business Council of Canada report on security and why the .US domain is being used so much for phishing attacks.

An alert about a group that focuses on tricking IT support staff by claiming to be an employee  who needs to reset their password, and more

This episode reports on the latest security updates, a scam aimed at IT service desk staff of American organizations that use access management solutions from Okta, and more

This episode reports on vulnerabilities that have to be dealt with in Cisco applications, the sentencing of a Russian businessman in the US to nine years in prison for his role in a nearly US$100 million stock market cheating scheme, and more

This episode features a discussion between IT World Canada CIO Jim Love and  Adam Evans, chief information and security officer of Royal Bank of Canada

This episode reports on the latest survey of boards on cybersecurity, and more 

This episode reports on what your organization might need to get and keep cyber insurance -- or whether you should self-insure by setting up a rigorous cybersecurity program

This episode offers cybersecurity and privacy advice and links to websites for parents about to send their kids back to school

This episode features discussion on International Women in Cybersecurity Day, a Canadian cybercrime report, the takedown of the Quakbot bot and the attacks on Barracuda Networks' ESG email gateways

This episode reports on more bad packages in open-source repositories, and why you shouldn't play the date game

This episode reports on QR codes being used by threat actors, statistics on ransomware and MOVEit hacks, and more

This episode reports on several newly revealed hacks, including the theft of the names and ranks of 47,000 London police and staff stolen after a hacker got into the IT systems of a firm that prints police warrant cards and staff passes

This episode features a discussion about zero trust and the cyber attack on Tesla by former employees

This episode reports on what some crooks are doing with stolen personal data, and more

This episode reports on a persistent attacker, security updates for Ivanti Sentry and more 

This episode includes reports on how much Dallas paid for a ransomware incident response, data released by the Black Basta ransomware gang after an attack on a U.S. housing authority and more

This episode features a discussion on a report into the successes of the Lapsus$ extortion gang, a ransomware attack against a Canadian non-profit, a vulnerability in the WiFi module of the infotainment system of some Ford vehicles and whether governments should mandate minimum cybersecurity standards for internet-connected devices

This episode reports on a  hole in the naming policies of modules developers can put in  Microsoft's PowerShell Gallery, lessons from a honeypot test and more

This episode reports on the most recent data breaches and an extortion campaign against LinkedIn users who lose access to their accounts

This episode reports on the hack of Hub International, advantages of honeypots, artificial intelligence and more

This episode features discussion on preventing ransomware in schools, a UK report on ransomware and insurance, the MOVEit hacks and sports teams and venues as cyber targets

This episode reports on the latest phishing attacks, attacks on unsupported and unpatched Zyxel routers and more

This episode reports on the latest trends in ransomware attacks, and security updates from Microsoft, SAP and PaperCut

This episode reports on the latest victims of MOVEit hacks, data thefts at Colorado's Department of Higher Education, and more

This repeat episode is a conversation with Aaron McIntosh, co-author of the Ransomware Task Forces' Blueprint for Ransomware Defence.

This episode looks at a recent from the UK National Cyber Security Centre on shadow IT

This episode reports on lessons from an analysis by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) on 121 assessments it did on security incidents last year

This episode reports on two alerts to admins with Linux in their environments and a caution for web site and web application developers

This episode features a discussion on the latest news in artificial intelligence, women in cybersecurity and data breach reporting 

This podcast reports on the need to patch MikroTik routers and Ivanti's Endpoint Manager Mobile and more

This episode reports on the slow adoption of DMARC protection, infected packages in open source repositories and more

This episode reports on a patch for Adobe OpenMeetings, a lack of patching of Zyxel devices, allegations that Microsoft's security breach may be worse than thought, and more

This episode features a discussion on an attacker forging a Microsoft authentication key for cloud access, developers including private keys in Docker containers, the continuing increase in ransomware attacks and more

This episode reports on the latest news in the MOVEIt hack, spyware, attribution in the JumpCloud hack and more

This episode reports on the jailing of an IT security analyst who tried leverage a cyber attack to extort money from the U.K. company he worked for, an AI chatbot for crooks, and more

This episode reports on attacks on AWS, Azure and Google Cloud environments, Russia's attempt to disconnect from the global internet and more

This episode features discussion on insider threats, the pace of cybersecurity spending by the private sector, how hackers are creating voice fakes and the responsibilities of CEOs during a cyber attack

This episode reports on ransomware statistics,  the release of the source code for the BlackLotus bootkit and the release of the implementation plan for the U.S. National Cybersecurity Strategy

This episode reports on the cyber trial of a British teen, NATO cyber strategy, how a CEO should respond to a cyber attack and more

This episode reports on the discovery of another unprotected database of personal information, an analysis of new ransomware variants and more

This episode features a discussion with Aaron McIntosh, co-author of the Ransomware Task Force's Blueprint for Ransomware Defense

How much can infosec pros learn from a honeypot? This podcast answers that question

A look back at Canadian privacy commissioners' report into problems with the Tim Hortons mobile app

This episode reports on the availability of a decryptor for Akira ransomware, a $70 million ransomware demand and more

This episode features a discussion on the Suncor cyber attack, the costs of the Indigo ransomware attack and the value of SIEMs

This episode reports on a new information-stealing malware, crooks cloning voices for virtual kidnapping and more

This episode reports on the latest victim of the MOVEit vulnerability, the impact of Europol's dismantling of an encrypted communications service used by crooks and more

This episode reports on a US insurance firm and a state employees' pension fund caught in the MOVEit hack of a supplier, pilots of two airlines caught in the hack of one of their partners, an infected USB key that led to a hospital being hacked, and more

This episode features a discussion on calls by several civil rights groups for the Canadian government to tighten up its proposed cybersecurity law, the proper way companies should notify victims of a data breach, why cybercrooks like using the Telegram Messaging service and more 

This episode reports on the increasing number of ransomware attacks, an email scam that tricks firms into switching payment bank accounts of employees and more

This episode reports on patches for Asus routers, a new Russian email server attack on Ukraine, a ransomware gang takes credit for an attack on Reddit and more

This episode reports on the latest news on MOVEit hacks, a DDoS site taken down by police in Poland and more

This episode features a discussion on paying ransomware demands, a crimeware gang whose targets include small and medium businesses and why some developers are less than careful with their API keys.

This episode reports on GitHub being abused by a threat actor, surveys of infosec pros and more

This episode reports on crime and punishment, civil fines for Microsoft and Spotify and more

This episode reports on the latest news in the MOVEit compromise saga, a successful attack on a SharePoint online customer, recent data breaches and more

This episode features a discussion on the Nova Scotia health data breach, the compromise of the MOVEit file transfer application and more

This episode looks at some of the numbers gathered from 16,000 cybersecurity incidents in the annual Verizon report

This episode looks at the traits a firm should consider if appointing a CISO to the board of directors

This episode reports on the BlackSuit ransomware strain, an expected EU privacy fine against Microsoft, a warning about an attack on web sites and more

This episode features a discussion on a report into the ransomware attack on Newfoundland's IT healthcare system, a penalty paid by a US medical billing supplier over a data breach, an Australian company's estimate of the costs of a ransomware attack and the sentencing in the U.S. of two Nigerian cyber crooks.

This episode reports on ransomware attacks, a proposed US$25 million fine against Amazon and more

This episode reports on CAPTCHA evasion, more exploits added to the Murai botnet and more

This episode reports on a new ransomware gang, new industrial control malware and advice for infosec leaders from a CISO whose firm suffered a ransomware attack

This episode features a discussion on employees who contributed to a company hack by sharing a password to an email account the spread of a fake image posted on Twitter of an explosion supposedly near the Pentagon and more

This episode reports on data breach notifications, an updated hacking tool, surveys of infosec pros and more

This episode reports on an IT security analyst convicted of trying to extort his own company, cybersecurity problems with government agencies in Utah and more

This episode reports on more financial penalties for a US firm's data breach, the PyPI registry can't keep up with added malware, Dole pays $US10.5 million to repair computers after ransomware attack and more

This episode features discussion about this week's U.S. Senate hearing on regulating artificial intelligence, the release of school schematics by a ransomware gang, a cybersecurity company fooled by a fake onboarded employee and the latest use of facial recognition software

This episode reports on how crooks are leveraging Dropbox and the new .,zip domain, offers tips for vacation travelers and more

This episode reports on a new DDoS attack tactic, a U.S. pharmaceuticals company reports a data breach of 5.8 million people, attacks on TP-Link routers and more

This episode reports on man-in-the-middle attacks, a new GitHub security tool, a warning about possibly fake MSI firmware updates and more

This week's review features a discussion between Jim Love and David Shipley on the progress in the fight against ransomware

This episode reports on lessons learned in a breach of security controls, a data breach at SchoolDude, a ransomware warning to admins with VMware hypervisors and more

This episode reports on a survey of CISOs and more

This episode reports on a new ransomware gang, an update on a ransomware attack on an American private university and more 

This episode features a discussion on the latest news about ChatGPT, data thefts of from test and decommissioned servers and whether the FBI needs more money to fight cybercrime

This episode reports on PayPal being used to send fake invoices and more

This episode reports on ransomware, a data theft at Yellow Pages Canada, ra[od Apple patches and more

This episode reports on increasingly good fake checkout pages being used on compromised e-commerce sites, malware hiding in supposedly free versions of utilities and games and more

This episode includes a discussion on the merits of the supervised super-penetration tests major Canadian banks and insurance companies will have to undergo

This episode reports on the need to update applications from Veeam, Apache, VMware, and more 

This episode reports on common factors in successful ransomware attacks, new tools used by threat actors and a call to update PaperCut servers

This episode reports on infected versions of popular business apps circulating on the internet, attackers are getting into Kubernetes access control and the impact of the X_Trader supply chain attack

This episode features a discussion on the supply chain attack that led to the 3CX supply chain attack, how organizations using Fortra's vulnerable GoAnywhere MFT platform might have stopped ransomware attacks, sensitive data found on used routers and more

This podcast looks at slips by the LockBit ransomware gang, and how one attack was helped by poor cyber hygiene

This episode reports on a new collaboration to create new malware, the latest email campaign using the QBot malware and more

This episode reports on new macOS ransomware, a warning to accounting and tax preparation firms on a scam, and more

This episode features a discussion on the alleged cyber attack against a Canadian gas pipeline, identity management, Windows patches and a new piece of commercial spyware

This episode reports on the latest data breaches, an attack on  internet-connected irrigation systems in Israel and more

This episode reports on details of a commercial spyware company, an issue in Microsoft's Azure storage accounts, how crooks try to bypass Google's Play store with malicious apps and more

This episode reports on data breaches, a Ukrainian utility compromised after an employee downloads pirated Microsoft Office, alleged dodgy  activity by Tesla and Samsung employees and more

This episode features a discussion on the 3CX supply chain hack, new ransomware, the takedown of the criminal Genesis marketplace and more.

This episode reports on an attempt to take down the IT infrastructure behind stolen versions of the Cobalt Strike tool, the emerging Styx criminal marketplace and more

This episode of the podcast reports on ransomware, a compromised US income tax web site, the exploit of a backup program and more

This episode reports on millions of Americans who took out loans being notified of a data breach, a criminal group trying to defraud companies hit by ransomware by bluffing and more

This episode features a discussion on the call for a temporary halt in developing AI applications, the future of TikTok, World Backup Day and more

This episode reports on how crooks take over Instagram accounts, a WiFI problem in Linux-based devices like access points and smartphones more

This episode reports on a warning to Okta administrators, a data breach at an Australian financial corporation grows and more

This episode reports on crooks using business email compromise tactics to steal products, the latest phishing email scam and more

This episode features a discussion on penetration testing, the cybersecurity maturing rankings of companies, rotating infosec jobs across government departments and the number of people on boards with cybersecurity experience

This episode reports on code in an online payment gateway modified to skim credit cards, a security problem with Windows' Snipping tool and more

This episode reports on a review of the latest version of ChatGPT, poor passwords are compromising Linux SSH servers and more

This episode reports on the latest news on TikTok, ransomware and a hack at an NBA provider

This episode features a discussion on a Canadian parliamentary committee report on cybersecurity, the Newfoundland healthcare system ransomware attack and the cyber implications of the Silicon Valley Bank failure

This episode reports on a huge data breach, information on the Trigona ransomware and more